I have a problem with getting AppId running on snort/pfsense.
The system-log says:
“AppInfo: AppId 5348 is UNKNOWN”
“Invalid direct service AppId, 5348, for 0x808072f60 0x80d7fc700”
snort itself is running and it seems like it’s doing all the basic things.
I tried to figure out how to fix that but I couldn’t find a solution to fix it.
I’ve also checked the current snort version on my pfsense and it says “Newer version available”.
It says I’m running Version 4.1.6, Package Dependencies: snort-2.9.20
Package is configured but not (fully) installed or deprecated
On the homepage it say the current Version is 3.0 but can’t find any information how I update to version 3.0 on pfsense. The Rules in the “Update” section on “Services/Snort/Updates” is up to date but the signature database and software version are two different things i guess.
Can someone help me with this?